Featured image of post Ransomware Negotiator Sentenced to 70 Months for Colluding With BlackCat Hackers

Ransomware Negotiator Sentenced to 70 Months for Colluding With BlackCat Hackers

A ransomware negotiator hired to help victims recover from extortion attacks was instead feeding their confidential information to the very criminals demanding payment — a betrayal that has now landed him in federal prison for nearly six years.

Angelo Martino, a negotiator employed by DigitalMint, was sentenced to 70 months in prison after pleading guilty to conspiring to interfere with interstate commerce through extortion. Though his plea agreement recommended a 24-month sentence, the court handed down a term nearly three times longer. Law enforcement also seized $10 million in assets obtained through the scheme, and Martino will be required to surrender 10 percent of his post-release income to compensate victims.

Digital illustration of a ransomware screen with a padlock and warning symbols on a dark blue background

Ransomware is depicted in this illustration representing the cyber threat landscape. (Image: TheDigitalArtist / Pixabay)

A Trust Betrayed

Starting in April 2023, Martino was assigned by his employer, DigitalMint, to negotiate with the BlackCat ransomware group — also known as ALPHV — on behalf of five victims who had hired the company to help resolve their extortion situations. Unknown to both his employer and the clients, Martino was secretly working with the attackers.

According to court filings, the BlackCat group paid Martino for inside information about the victims’ negotiating strategies, financial positions, and bottom-line thresholds. Armed with this intelligence, the ransomware group was able to drive up ransom demands far beyond what the victims might otherwise have paid. The five victims were extorted for amounts ranging from $213,000 to $26.8 million, totaling more than $75 million.

“Angelo Martino sold out the very victims he was hired to represent, handing their confidential negotiating positions to BlackCat actors to drive up ransoms and enrich himself,” said Brett Leatherman, assistant director of the FBI Cyber Division.

Double Betrayal

The scheme went even deeper. Martino and two co-conspirators — each previously sentenced to 48 months — personally deployed ransomware against five additional victims. Among them was a medical device company that ultimately paid a $1.2 million ransom.

DigitalMint, which fully cooperated with investigators, said it had no knowledge of Martino’s activities. The company had assigned him to cases in good faith, trusting him to advocate for the victims who had hired them.

The BlackCat Connection

BlackCat/ALPHV was one of the most prolific ransomware operations of 2023, claiming responsibility for attacks including a major outage at MGM Resorts. The Department of Justice announced in December 2023 that it had disrupted the group, and the FBI developed a decryption tool that helped more than 500 victims avoid making over $68 million in total payments. The government continues to pursue BlackCat administrators and affiliates, offering a reward of up to $10 million for information leading to their capture.

Martino’s case serves as a stark warning about the risks inherent in the ransomware negotiation ecosystem, where the intermediaries trusted to protect victims’ interests may themselves become vectors of exploitation. His 70-month sentence reflects the severity of a betrayal that compounded the damage already inflicted by some of the most destructive cybercriminals in recent years.